When activated, Worm/Opasoft.P checks for 'SpeedBoss' in the registry entry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
If present, the related file is deleted. If not, the worm checks for 'Spees2' in the registry entry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
If not present, the worm registers:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Spees2"="%WinDIR%\Speedy.bat"

After controlling the registry and the place of its activity, the worm ensures that it has only one version in system memory, using a Mutex named SpeedyDoS2!.
The worm uses a security vulnerability of Microsoft Windows 95/98/Me. It sends single password characters to the network resource for accessing other Windows 95/98/Me files, without knowing the password.
The affected systems are:
Microsoft Windows 95
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Me

It creates the file C:\lentao!, that contains the text: "run=c:\windows\speedy.bat".

It looks like the worm is able to update itself, reading files from a website.